The Pall Mall Process, launched in February 2024 by the UK and France, aims to tackle the growing threat of Commercial Cyber-Intrusion Capabilities (CCICs), particularly spyware. Despite global efforts, spyware remains a lucrative and evolving market, with continued incidents of government surveillance and legal battles against vendors like NSO Group. The rise in vulnerabilities and zero-day exploits further complicates the cybersecurity landscape, especially as AI tools enhance vulnerability discovery.

A major issue is the fragmentation of vulnerability reporting, with institutions like NIST’s National Vulnerability Database struggling to keep pace. Vendors’ independent assessments often lack transparency, leading to unpatched security risks. While initiatives like Wiz’s cloud vulnerability database and CyberPeace Institute’s spyware tracking provide alternative reporting mechanisms, a lack of coordination hampers security efforts.

The Pall Mall Process recommends international cooperation to regulate CCICs, but export controls alone are insufficient, as the spyware market adapts to restrictions. Instead, better information sharing, capacity building, and incentivized vendor-independent bug bounty programs can strengthen defenses. Encouraging responsible vulnerability disclosure, funding research, and leveraging AI for triage are critical steps to outpace cyber threats.

Ultimately, cybersecurity governance must prioritize visibility and proactive security measures. Coordinated vulnerability disclosure is key to tackling the spyware problem at its root—by addressing the vulnerabilities that enable it.

Source: https://www.trendmicro.com/en_us/research/25/d/threat-landscape-capacity.html